Re: [Uta] Proposed definition of opportunistic encryption using TLS: draft-hoffman-uta-opportunistic-tls-00.txt
Stephen Farrell <stephen.farrell@cs.tcd.ie> Mon, 03 February 2014 13:46 UTC
Hi Paul,

On this one, I don't really care which, if any, WG, ends up processing a draft defining these terms, but it is important that the definitions related to the use of the term opportunistic and crypto be ones that work for more than TLS, this WG and the apps area, but are as well accepted for the entire IETF. For example, IPsec and even MPLS folk should be able to use the same terms without confusion arising.

Note also that there will be discussion on this topic at the STRINT w/s before IETF-89 and I have some hope that we can get agreement quickly enough between there and the following week of meetings that it won't matter which WG "owns" the draft.

On your draft Paul, I don't think it really covers that charter work item since it only has some definitions. But that said, if we conclude a WG document is better, I'm fine if this WG is the place to write down the definitions so long as those are more broadly accepted.

And a few more near-random comments:

Ending up with substantively different definitions for the term opportunistic e.g. when used with TLS and IPsec would be a dumb outcome IMO. At present we do have such confusion and we do need to fix that, so a draft like Paul's that does define the terms is something we do want.

I know that Steve Kent is also working on a different draft that defines these terms, perhaps differently. I've not thought about which of the two might be a better starting point, and Steve's isn't yet published so others can't either. (Steve's text will be published at the end of this week with other STRINT submissions though.)

So I think this is one to discuss in London.

S.

On 02/03/2014 05:03 AM, Paul Hoffman wrote:
> Greetings again. One of the deliverables in our charter is:
>
> - Consider, and possibly define, a standard way for an application
>   client and server to use unauthenticated encryption through TLS
>   when server and/or client authentication cannot be achieved.
>
> I think that wording was sloppy, and would like the WG to come up with a clear definition of what it is we want application protocols to possibly support in order to thwart pervasive monitoring. I put together my ideas in a very short draft.
>
> If folks like the idea of this definition, I think it would be appropriate for a WG document.
>
> --Paul Hoffman
>
> Begin forwarded message:
>
>> From: internet-drafts@ietf.org
>> Subject: I-D Action: draft-hoffman-uta-opportunistic-tls-00.txt
>> Date: February 2, 2014 at 8:59:10 PM PST
>> To: i-d-announce@ietf.org
>> Reply-To: internet-drafts@ietf.org
>>
>> A New Internet-Draft is available from the on-line Internet-Drafts directories.
>>
>> Title    : Opportunistic Encryption Using TLS
>> Author   : Paul Hoffman
>> Filename : draft-hoffman-uta-opportunistic-tls-00.txt
>> Pages    : 5
>> Date     : 2014-02-02
>>
>> Abstract:
>> This document defines the term "opportunistic encryption using TLS"
>> as it applies to application protocols that use TLS.
>>
>> The IETF datatracker status page for this draft is:
>> https://datatracker.ietf.org/doc/draft-hoffman-uta-opportunistic-tls/
>>
>> There's also a htmlized version available at:
>> http://tools.ietf.org/html/draft-hoffman-uta-opportunistic-tls-00